Showing papers on "Temporal isolation among virtual machines published in 2002"

Memory resource management in VMware ESX server

Abstract: VMware ESX Server is a thin software layer designed to multiplex hardware resources efficiently among virtual machines running unmodified commodity operating systems. This paper introduces several novel ESX Server mechanisms and policies for managing memory. A ballooning technique reclaims the pages considered least valuable by the operating system running in a virtual machine. An idle memory tax achieves efficient memory utilization while maintaining performance isolation guarantees. Content-based page sharing and hot I/O page remapping exploit transparent page remapping to eliminate redundancy and reduce copying overheads. These techniques are combined to efficiently support virtual machine workloads that overcommit memory.

Methods and apparatus for managing multiple user systems

Abstract: The techniques of the present invention relate to allocating resources and managing multiple services and multiple users in a multiprocessing computer system. A virtual machine executive is booted on a computer system typically with multiple processors and multiple memory blocks. The virtual machine executive creates multiple virtual machines associated with multiple operating systems. A virtual machine executive provides the illusion that each virtual machine has its own dedicated hardware. The virtual machine executive either behaves as a file server, or hosts an operating system instance that behaves as a file server. System administration of the collection of operating system instances can be achieved by administering the operating system instance that behaves as a file server, rather than by administering each operating system instance alone.

Method and apparatus for suspending a software virtual machine

Abstract: A computer system includes a software virtual machine (such as Java) for running one or more applications. An object is provided that is responsive to a call from an application for placing the virtual machine and application into a state of suspension. This involves interrupting all current threads, and recording the state of the components of the virtual machine, including heap, threads, and stack, into a serialization data structure. Subsequently the serialization data structure can be invoked to resume the virtual machine and application from the state of suspension. Note that many virtual machines can be cloned from the single stored data structure. One benefit of this approach is that a new virtual machine can effectively be created in an already initialized state.

An observation-based approach towards self-managing Web servers

Abstract: The Web server architectures that provide performance isolation, service differentiation, and QoS guarantees rely on external administrators to set the right parameter values for the desired performance Due to the complexity of handling varying workloads and bottleneck resources, configuring such parameters optimally becomes a challenge In this paper we describe an observation-based approach for self-managing Web servers that can adapt to changing workloads while maintaining the QoS requirements of different classes In this approach, the system state is monitored continuously and parameter values of various system resources-primarily the accept queue and the CPU-are adjusted to maintain the system-wide QoS goals We implement our techniques using the Apache Web server and the Linux operating system We first demonstrate the need to manage different resources in the system depending on the workload characteristics We then experimentally demonstrate that our observation-based system can adapt to workload changes by dynamically adjusting the resource shares in order to maintain the QoS goals

Denali: a scalable isolation kernel

Abstract: The Denali project provides system support for running several mutually distrusting Internet services on the same physical infrastructure. For example, this would enable a developer to push dynamic content into third party hosting infrastructure such as content distribution networks. To accomplish this, we propose a new kernel architecture called an isolation kernel to isolate untrusted applications. An isolation kernel is a simple, thin software layer that runs directly on hardware (and hence below operating systems), whose function is to subdivide a physical machine into a set of fully isolated protection domains. Isolation kernels resemble virtual machine monitors in that they expose a virtualized hardware interface to a set of virtual machines. Unlike VMMs, however, isolation kernels do not attempt to precisely emulate the underlying physical architecture. By selectively modifying the hardware architecture, we enable our system to scale up to 1000's of virtual machines on commodity hardware. In this paper, we describe a set of design principles that govern isolation kernels, briefly discuss a prototype isolation kernel, and present future work and applications of isolation kernels.

Multiple virtual machine environment management system

Abstract: An apparatus and method of running multiple concurrent virtual machines is disclosed. A memory component, a timer component, a multiple virtual machine control component, and a processor component can be included. The timer component can include a virtual machine activation period timer and a plurality of virtual machine dedicated timers. The processor component can process instructions of a virtual machine indicated to be the active virtual machine. The processor component can suspend processing instructions of a virtual machine when the virtual machine activation period timer causes the timer component to indicate a virtual machine switch. A memory protection component and process can also be included.

Code Sharing among Virtual Machines

Abstract: Sharing of code among applications executing in separate virtual machines can lead to memory footprint reductions and to performance improvements. The design of a general and acceptable sharing mechanism is challenging because of several constraints: performance considerations, the possibility of dynamic class loading, dependencies between shared code and the runtime system, and the potential of adverse impact on the runtime's reliability and on ease of maintenance. This paper analyzes these tradeoffs in the context of two modifications to the Java? virtual machine (JVM?). The first allows for sharing of bytecodes and class information across multiple virtual machines, each of which executes in a separate operating system process, using shared memory. The second additionally enables the sharing of dynamically compiled code. Their design and performance are evaluated against two other approaches: running each application in a separate instance of an unmodified virtual machine, and running all applications in a single instance of a multitasking virtual machine.

Device virtualization and assignment of interconnect devices

Abstract: A method for assigning a device to a first virtual machine includes connecting the device, directly or indirectly, to a computer through an interconnect. The first virtual machine and a second virtual machine are run on the computer. The device is assigned to the first virtual machine for exclusive use by the first virtual machine, and the assignment is enforced.

Code sharing among virtual machines

Abstract: Sharing of code among applications executing in separate virtual machines can lead to memory footprint reductions and to performance improvements. The design of a general and acceptable sharing mechanism is challenging because of several constraints: performance considerations, the possibility of dynamic class loading, dependencies between shared code and the runtime system, and the potential of adverse impact on the runtime's reliability and on ease of maintenance. This paper analyzes these tradeoffs in the context of two modifications to the Java virtual machine (JVM ). The first allows for sharing of bytecodes and class information across multiple virtual machines, each of which executes in a separate operating system process, using shared memory. The second additionally enables the sharing of dynamically compiled code. Their design and performance are evaluated against two other approaches: running each application in a separate instance of an unmodified virtual machine, and running all applications in a single instance of a multitasking virtual machine.

Method and apparatus to facilitate debugging a platform-independent virtual machine

Abstract: One embodiment of the present invention provides a system that facilitates debugging a platform-independent virtual machine. The system operates by providing an agent on the platform-independent virtual machine, which provides a set of functions for accessing variables in the platform-independent virtual machine. The platform-independent virtual machine is adapted to call the set of functions within the agent. Next, the agent examines the current state of the variables in the platform-independent virtual machine. The agent communicates the current state of the variables to a host machine. An operator of the host machine can then analyze the current state of the variables.

Software support for virtual machine interpreter (VMI) acceleration hardware

Abstract: A system and method for processing virtual machine instructions which supports the software trap methodology. An application programming interface (API) prescribes additional functionality for software traps that remove the processing of recursive virtual machine instructions from virtual machine hardware and instead process recursive virtual machine instructions using software. The additional functionality includes the configuration of a context for processing recursive virtual machine instructions, which enables the virtual machine instructions to access CPU registers to retrieve and modify the values of variables as required, the release of the configured context when processing of recursive virtual machine instructions is completed, and the return of control to a virtual machine for processing non-recursive virtual machine instructions.

Techniques for loading class files into virtual machines

Abstract: Improved techniques for loading class files into virtual computing machines are disclosed. These techniques provide a mechanism that will generally improve the efficiency of virtual machines by selectively loading information into a virtual machine. As will be appreciated, this allows a better use of the resources of the virtual machine. This is especially effective in virtual machines that operate with limited memory resources (e.g., embedded systems). In one embodiment, class files suitable for loading into a virtual machine are initially loaded into a memory portion (e.g., heap memory). Then, information that is needed to be loaded into the virtual machine is selected. Finally, only the selected information is loaded into the virtual machine.